HARTFORD, Conn. –
Inside a brightly lit classroom, keyboards go cyclic. The clicks of the mouse reverberate across the room like the distant echoes of artillery. These are the sounds of the digital battlefield. U.S. Army Staff Sgt. John Young, a soldier assigned to Joint Forces Headquarters, Connecticut Army National Guard, is just one of many men and women, all cyber warriors, in the trenches posed for the impending attack. Thankfully for him, this digital battlefield is an augmentation, one devised and created as part of Cyber Yankee, a cyber training exercise meant to simulate a real world environment to train mission essential tasks for Cyber professionals.
But Young wasn’t always a Cyber soldier. When he enlisted into the Army in 2009 after a short stint in college, he did so as a Motor Transport Operator.
“I actually tried to do the college thing right out of high school and was like, yeah, it doesn’t really feel like it’s for me at the time,” Young explained with a smile. “So I started going to school, decided to drop out and join the military.”
Young has deployed twice in his career. First, as a truck driver to Kandahar, Afghanistan in 2012, but he never got behind the wheel. Instead, he manned the turret of a tactical vehicle, known as a Mine-Resistant Ambush Protected, or MRAP, for short, as he traveled across the country. Young would do this for the first half of his deployment until being promoted to Sergeant. Following his promotion, Young served as the assistant convoy commander, or ACC.
“As an ACC I was responsible for prepping all the soldiers and vehicles going into the mission while the CC (Convoy Commander) dealt with the planning piece,” said Young. “Once we left on mission I was the CC’s backup for everything and was usually in charge of maintaining reporting and communication between the gun trucks and commodity trucks.”
For his second deployment, this time in 2017, Young would travel to Poland, where he worked as the operations non-commissioned officer in a tactical operations center, or TOC.
“I worked 10 to 15 hours almost every day keeping track of operations running across an AOR (Area of Responsibility) that extended from Estonia all the way down to Romania,” said Young. “I was very rarely ever not busy.”
Following his deployment to Poland, Young transitioned to working as a special security representative, for a sensitive compartmented information facility, or SCIF, in 2020. Here, within the walls of the windowless and soundproofed SCIF is where the foundation for his interest in Cyber was laid. Young started learning more about the Intelligence field, computer technology, and ended up doing a little soul searching on what path he wanted to take towards higher education.
“I have always been into computers and stuff like that, so I kind of wanted to find a way of taking that passion and applying it to something that I could do,” explained Young. “So I decided to go for a cybersecurity degree.”
Young would soon find out he had a lot ahead of him to become a cyber professional.
“I started diving into it on the education side, quickly realized that I also needed to include some certification and civilian training in there,” explained Young. “So I started working on some certifications, got my SEC+ (CompTIA Security+), Network+ (CompTIA Network+), CCNA (Cisco Certified Network Associate), GSEC (GIAC Security Essentials).”
While taking these courses and compiling these certifications Young fell into his groove.
“Through that learning I kind of scoped more into my passion,” explained Young. “I realized there was a bit of an opportunity for shaping threat intelligence geared towards cyber.”
Forward thinking like this is what inevitably landed him at Cyber Yankee, a two part joint Department of Defense and private sector cyber training exercise that simulates real world scenarios utilizing the Persistent Cyber Training Environment, or PCTE, platform. The PCTE replicates environments utilized by civilian and private sector partners, such as an electrical plant or water treatment facility, and trains cyber professionals to defend this infrastructure from a cyber attack.
In this scenario, the “Red Team” tried to attack facilities being protected by multiple “Blue Teams”, made up of cyber warriors from the U.S. Army, U.S. Air Force, U.S. Navy, U.S. Marines and U.S. Coast Guard. Each Blue Team also had an intelligence section feeding the cyber analysts information on their adversary, which is where Young came in.
“You need to understand the TTPs, the tactics, techniques and procedures of your enemies, look forward, where could they go, what might they do,” said Young. “That helps you.”
Young went from computer to computer helping the other cyber analysts identify threats and troubleshooting any problems they might have encountered.
“I would argue the most fun thing is the collaboration with your teams,” said Young. “Being able to see how we all work together to defend and protect what’s important, that, to me, is the fun part.”
Despite Cyber Yankee being an enjoyable experience for the analysts to train with other Department of Defense and partner agencies, the need to defend against emerging cyber threats is constant and very real. No one knows this more than Young.
“[Cyber] is one of the most dynamically evolving environments there is,” explained Young. “There is never a point in time where you stop defending, you always have the opportunity to go out and do something in the cyber realm to affect change and to better the organization as a whole, there is always something more you can learn, there’s always new tooling that you can learn to use, you’re never going to feel like you don’t have something to focus on to help make a difference.”